NodeSource Node.js Binaries for Enterprise Linux

Two months ago, we announced that we were joining forces with Chris Lea to provide long-term, stable, and reliable binaries for Debian and Ubuntu based Linux distributions. This expands the work Chris was doing with his Launchpad PPA and adds support for many more distributions. Not only are we now able to support Debian users, we've worked with the community to add solid support for Linux Mint, Linux Mint Debian Edition (LMDE) and elementaryOS. The flexibility of our distribution allows us to support the long-tail of Debian and Ubuntu based distributions.

Expanding Support

We're happy to be able to announce that we're now building and distributing Node.js binaries in RPM form, for Enterprise Linux and Fedora Core based systems. This includes Red Hat® Enterprise Linux® (RHEL), CentOS and Fedora.

Our initial official list of target platforms is:

RHEL 5 (32-bit and 64-bit)

RHEL 6 (32-bit and 64-bit)

RHEL 7 (64-bit)

CentOS 5 (32-bit and 64-bit)

CentOS 6 (32-bit and 64-bit)

CentOS 7 (64-bit)

Fedora 19 (Schrödinger's Cat) (32-bit and 64-bit)

Fedora 20 (Heisenbug) (32-bit and 64-bit)

But we can also report that the binaries are compatible with Oracle® Linux which mirrors RHEL very closely. We have also successfully integrated support for recent versions of Amazon Linux, which is based on EL but has diverged somewhat. As with the Debian and Ubuntu binaries, it's likely that we'll be able to support a long-tail of distributions but we'll need community help to achieve this.

How Do I Get Them?

As with our Debian and Ubuntu binaries, we have a setup script that will install a yum repository suitable for your system and the NodeSource binary signing keys:

$ curl -sL https://rpm.nodesource.com/setup | sudo bash -

(Note: if sudo causes problems, simply remove it and run the command as "root")

Further Information and Getting Help

We welcome pull requests and issues for discussion, critique and assistance with expanding support. We are offering this as a service to the Node.js community but we also need community help to improve the quality of the setup mechanism, documentation and distribution coverage.

Supporting the Enterprise

While not as popular for personal use or in SMEs, Enterprise Linux and related distributions are a common choice for large enterprise deployments. Red Hat® Enterprise Linux® (RHEL) is the distribution of choice for some of the largest deployments of Node.js today. CentOS, a free clone of RHEL and now supported by Red Hat, is not uncommon in SME deployments and Fedora has a significant following amongst Linux desktop users.

Like recent versions of Debian and Ubuntu, the official repositories for the latest versions of RHEL, CentOS and Fedora all contain a version of Node.js. However, there are a number of problems with these official binaries:

Release timeliness

In spite of the recent, temporary slowdown in Node.js stable release cadence, Node.js is a fast-moving platform. It's still young and rapidly maturing. Having access to up-to-date stable releases is very important to most users and having access to security releases ASAP is essential. This is particularly true for large enterprises that are major targets to those interested in taking advantage of exploits in the platform. Official distribution repositories often have significant delay in following Node.js releases.

NodeSource is working towards a closer synchronization of our Linux binary releases with the official releases from Node.js core. This is especially important where zero-day exploits are concerned.

Release pinning

An upgrade to Node.js 0.12 (and future major increments) is unlikely to be supported by official distribution repositories that have been distributing 0.10 releases. "Stability" generally means sticking to major versions and not introducing surprises, this is how companies like Red Hat and Ubuntu can offer "Long-term Support". This doesn't gel well with current development and deployment practices we are seeing with Node.js and we want to enable developers to move with the platform and not stagnate.

Bundling style

Most major distributions have strict policies of how packages need to be bundled for official release. Dependencies are generally required to be installed via separate packages. In the case of npm, this means that all of its internal dependencies have to become their own package. Not only do you have to install a "nodejs" package and an "npm" package, they bring along a package per npm dependency! NodeSource's packages bundle both Node.js and npm and all of npm's dependencies in the standard structure.

Node.js solves one of the major problems of dependency management by allowing an application to have multiple versions of the same dependency safely co-existing in the same runtime. Developers also drive towards smaller packages in Node.js so it's not uncommon for an application to have hundreds of packages in its dependency tree. This pattern does not fit well with the current bundling policies of major Linux distributions.

EL5...

RHEL 5 and CentOS 5 were released in mid-2007 and their default toolchains are below the minimum officially supported by Node.js and libuv. Python causes major problems when trying to compile Node.js from source and when you get over that hurdle you still run in to trouble involving Python in native addon compilation. Even the Extra Packages for Enterprise Linux (EPEL) distribution doesn't bother trying to offer Node.js for EL5.

Yet RHEL 5 is still very common in major deployments. It's battle-hardened and operations teams trust it and know it well. What's more, Red Hat are offering extended support into 2020!

Anybody who has felt the pain of Node.js on EL5 will be relieved to know that NodeSource has it covered with our new binary distribution. We're even distributing a version of Python 2.6 to make it work! We can't promise support until 2020 as it may become impossible as Node.js evolves, but we'll keep on trying as long as we know people are using EL5.

Support

NodeSource is all about Node.js. We are an engineering company at heart and most of our team members are heavily invested in the Node.js project and the Node.js community. Our passion is to support both the Node.js community and the growth and stability of Node.js in the enterprise and our binary distributions are a key part of this.